urlscan.io logo urlscan.io
SecurityTrails logo

benefitpad.com Open in urlscan Pro
2606:4700:30::681f:4973  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://westernunion.benefitzip.com/
Effective URL: https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
Submission: On October 23 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 2606:4700:30::681f:4973, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is benefitpad.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on October 14th 2018. Valid for: 6 months.
This is the only time benefitpad.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 4 2606:4700:30:... 13335 (CLOUDFLAR...)
6 94.31.29.64 33438 (HIGHWINDS2)
4 2a00:1450:400... 15169 (GOOGLE)
13 3
Domain Requested by
6 2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com benefitpad.com
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com
4 maps.googleapis.com benefitpad.com
maps.googleapis.com
4 benefitpad.com 1 redirects benefitpad.com
1 westernunion.benefitzip.com 1 redirects
13 4

This site contains no links.

Subject Issuer Validity Valid
sni35204.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-10-14 -
2019-04-22		 6 months crt.sh
*.netdna-ssl.com
COMODO RSA Domain Validation Secure Server CA		 2018-02-28 -
2019-02-28		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-10-02 -
2018-12-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
Frame ID: 44670136A591EB00A0686C893BBDE975
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://westernunion.benefitzip.com/ HTTP 302
    https://benefitpad.com/wp-signup.php?new=westernunion.benefitzip.com HTTP 302
    https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/maps.googleapis.com\/maps\/api\/js/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

13
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

199 kB
Transfer

530 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://westernunion.benefitzip.com/ HTTP 302
    https://benefitpad.com/wp-signup.php?new=westernunion.benefitzip.com HTTP 302
    https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wp-login.php
benefitpad.com/
Redirect Chain
  • https://westernunion.benefitzip.com/
  • https://benefitpad.com/wp-signup.php?new=westernunion.benefitzip.com
  • https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:4973 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8c7c25aaa504e82c94de0d55034bdfd14bb01f374c9619ce030ebb2e4318ec0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
benefitpad.com
:scheme
https
:path
/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=d7c1617e9bcb54a77a9bc92b6b6bf51ef1540273611
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Tue, 23 Oct 2018 05:46:53 GMT
content-type
text/html; charset=UTF-8
expires
Wed, 11 Jan 1984 05:00:00 GMT
set-cookie
wordpress_test_cookie=WP+Cookie+check; domain=benefitpad.com; secure
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
wpe-backend
apache
x-wpe-loopback-upstream-addr
127.0.0.1:6789
x-cacheable
NO:Passed
cache-control
max-age=0, must-revalidate, private
x-cache
MISS
x-pass-why
wp-admin
x-cache-group
x-type
default
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
46e1e7decee563c1-FRA
content-encoding
gzip

Redirect headers

status
302
date
Tue, 23 Oct 2018 05:46:52 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d7c1617e9bcb54a77a9bc92b6b6bf51ef1540273611; expires=Wed, 23-Oct-19 05:46:51 GMT; path=/; domain=.benefitpad.com; HttpOnly; Secure
expires
Wed, 11 Jan 1984 05:00:00 GMT
location
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
wpe-backend
apache
x-wpe-loopback-upstream-addr
127.0.0.1:6789
x-cacheable
NO:Passed
cache-control
max-age=0, must-revalidate, private
x-cache
MISS
x-pass-why
wp-admin
x-cache-group
x-type
default
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
46e1e7d8ac5063c1-FRA
load-scripts.php
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-admin/ 		105 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-admin/load-scripts.php?c=0&load%5B%5D=jquery-core,jquery-migrate&ver=4.9.8
Requested by
Host: benefitpad.com
URL: https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
7ee1ac6d9b88d4bd02fddbb2f0ad9b90c0a4e8d461092d2ed9d4fe8e1ed9060b

Request headers

Referer
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
wp-core-cacheable
date
Tue, 23 Oct 2018 05:46:53 GMT
content-encoding
gzip
wpe-backend
apache
server
NetDNA-cache/2.2
x-cacheable
YES:31536000.000
etag
W/4.9.8
vary
Accept-Encoding,Cookie
x-cache
MISS
content-type
application/javascript; charset=UTF-8
status
200
expires
Wed, 23 Oct 2019 02:39:49 GMT
cache-control
max-age=31536000, must-revalidate
x-cache-group
wp-cacheable
x-pass-why
js
maps.googleapis.com/maps/api/ 		98 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?sensor=false&ver=4.9.8
Requested by
Host: benefitpad.com
URL: https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
mafe /
Resource Hash
2d926a6d22ff6f554d05d068f89d77e9438dab63899d3a2ccf0aa441c325d89e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 23 Oct 2018 05:46:53 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
32048
x-xss-protection
1; mode=block
expires
Tue, 23 Oct 2018 06:16:53 GMT
wild-googlemap-js.js
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-content/plugins/wild-googlemap/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-content/plugins/wild-googlemap/wild-googlemap-js.js?ver=4.9.8
Requested by
Host: benefitpad.com
URL: https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
ce22923d74bb6c5e017ed3219e1ab7e687100618639ca7e2ce3d1ed6465c946d

Request headers

Referer
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Tue, 23 Oct 2018 05:46:53 GMT
content-encoding
gzip
last-modified
Wed, 04 Oct 2017 07:49:20 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"59d49280-2bd4"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
wild-googlemap-js-frontend.js
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-content/plugins/wild-googlemap/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-content/plugins/wild-googlemap/wild-googlemap-js-frontend.js?ver=4.9.8
Requested by
Host: benefitpad.com
URL: https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4d6d04b3c9f53d29e29c35c60fa8e00521b97b9cde82db9ce291a938154760ef

Request headers

Referer
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Tue, 23 Oct 2018 05:46:53 GMT
content-encoding
gzip
last-modified
Wed, 04 Oct 2017 07:49:20 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"59d49280-c1b"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
force-zxcvbn.min.js
benefitpad.com/wp-content/mu-plugins/force-strong-passwords/ 		227 B
256 B 		Script
General
Check archive.org
Download Go to
Full URL
https://benefitpad.com/wp-content/mu-plugins/force-strong-passwords/force-zxcvbn.min.js?ver=1.7
Requested by
Host: benefitpad.com
URL: https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:4973 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f2a9d404f9d0555d9843c8a42fc4be424a188aac72eeff03258680dc35378e6

Request headers

:path
/wp-content/mu-plugins/force-strong-passwords/force-zxcvbn.min.js?ver=1.7
pragma
no-cache
cookie
__cfduid=d7c1617e9bcb54a77a9bc92b6b6bf51ef1540273611; wordpress_test_cookie=WP+Cookie+check
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
benefitpad.com
referer
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
:scheme
https
:method
GET
Referer
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/backed
date
Tue, 23 Oct 2018 05:46:53 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 19 Oct 2018 20:58:38 GMT
server
cloudflare
status
200
etag
W/"5bca457e-e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
46e1e7e2084863c1-FRA
expires
Thu, 22 Nov 2018 05:46:53 GMT
js-admin.min.js
benefitpad.com/wp-content/mu-plugins/force-strong-passwords/ 		432 B
500 B 		Script
General
Check archive.org
Download Go to
Full URL
https://benefitpad.com/wp-content/mu-plugins/force-strong-passwords/js-admin.min.js?ver=1.7
Requested by
Host: benefitpad.com
URL: https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:4973 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7591bf7ecde06f7a8336e46c650119f9d53a7f2b151de409ff1cc7a3666f4c2

Request headers

:path
/wp-content/mu-plugins/force-strong-passwords/js-admin.min.js?ver=1.7
pragma
no-cache
cookie
__cfduid=d7c1617e9bcb54a77a9bc92b6b6bf51ef1540273611; wordpress_test_cookie=WP+Cookie+check
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
benefitpad.com
referer
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
:scheme
https
:method
GET
Referer
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/backed
date
Tue, 23 Oct 2018 05:46:53 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 19 Oct 2018 20:58:38 GMT
server
cloudflare
status
200
etag
W/"5bca457e-1b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
46e1e7e2084963c1-FRA
expires
Thu, 22 Nov 2018 05:46:53 GMT
load-styles.php
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-admin/ 		102 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-admin/load-styles.php?c=0&dir=ltr&load%5B%5D=dashicons,buttons,forms,l10n,login&ver=4.9.8
Requested by
Host: benefitpad.com
URL: https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8fabaf6789ee0a389057597cbcdb1fb8df07efae6c09a81489a05f0f336c15ea

Request headers

Referer
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
wp-core-cacheable
date
Tue, 23 Oct 2018 05:46:53 GMT
content-encoding
gzip
wpe-backend
apache
server
NetDNA-cache/2.2
x-cacheable
YES:31536000.000
etag
W/4.9.8
vary
Accept-Encoding,Cookie
x-cache
MISS
content-type
text/css; charset=UTF-8
status
200
expires
Wed, 23 Oct 2019 02:39:49 GMT
cache-control
max-age=31536000, must-revalidate
x-cache-group
wp-cacheable
x-pass-why
wild-googlemap-css-frontend.css
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-content/plugins/wild-googlemap/ 		745 B
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-content/plugins/wild-googlemap/wild-googlemap-css-frontend.css?ver=4.9.8
Requested by
Host: benefitpad.com
URL: https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
d2f79af3b8b0fb26c472c0a5f111d7f4bf401f36a4bc36ca584f320d4a6c526c

Request headers

Referer
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Tue, 23 Oct 2018 05:46:53 GMT
content-encoding
gzip
last-modified
Wed, 04 Oct 2017 07:49:20 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"59d49280-2e9"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
wordpress-logo.svg
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-admin/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-admin/images/wordpress-logo.svg?ver=20131107
Requested by
Host: 2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com
URL: https://2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-admin/load-scripts.php?c=0&load%5B%5D=jquery-core,jquery-migrate&ver=4.9.8
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
a0bbefd626f1e76f9245ec6c6101b679ba27412b71b32fc43eccda9db40f394b

Request headers

Referer
https://2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-admin/load-styles.php?c=0&dir=ltr&load%5B%5D=dashicons,buttons,forms,l10n,login&ver=4.9.8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Tue, 23 Oct 2018 05:46:54 GMT
content-encoding
gzip
last-modified
Sun, 05 Apr 2015 21:20:27 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5521a71b-5f1"
vary
Accept-Encoding
x-cache
MISS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
common.js
maps.googleapis.com/maps-api-v3/api/js/34/15/ 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/34/15/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?sensor=false&ver=4.9.8
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4951a1b454f930b522ab9f52a9d059dd5ab8085609cd6c23a1843d9059dd8c46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 22 Oct 2018 23:03:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Oct 2018 04:01:38 GMT
server
sffe
age
24237
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26454
x-xss-protection
1; mode=block
expires
Tue, 22 Oct 2019 23:03:02 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/34/15/ 		133 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/34/15/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?sensor=false&ver=4.9.8
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a096dcd1885092b39bf53e0b44e99b3d414ed61c124773e2b3b9ddf0f75140cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 22 Oct 2018 23:03:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Oct 2018 04:01:38 GMT
server
sffe
age
24236
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
51505
x-xss-protection
1; mode=block
expires
Tue, 22 Oct 2019 23:03:03 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ 		62 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fbenefitpad.com%2Fwp-login.php%3Fredirect_to%3D%252Fwp-signup.php%253Fnew%253Dwesternunion.benefitzip.com&5shttps%3A%2F%2Fbenefitpad.com%2Fwp-login.php%3Fredirect_to%3D%252Fwp-signup.php%253Fnew%253Dwesternunion.benefitzip.com&callback=_xdc_._hh5a94&token=15055
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/34/15/common.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
mafe /
Resource Hash
3db4ce6152746ef2cf06422937c55e1dc3fefe5b78ffafd9e57f8812a81a15f7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Oct 2018 05:46:59 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
63
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| $ function| jQuery object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView function| WiLD_GooglemapManager object| WGM function| WiLD_Googlemap function| WiLD_Googlemap_Marker function| WiLD_Googlemap_Infowindow function| wp_attempt_focus object| d object| _xdc_

2 Cookies

Domain/Path Name / Value
.benefitpad.com/ Name: wordpress_test_cookie
Value: WP+Cookie+check
.benefitpad.com/ Name: __cfduid
Value: d7c1617e9bcb54a77a9bc92b6b6bf51ef1540273611

3 Console Messages

Source Level URL
Text
console-api log URL: https://2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-admin/load-scripts.php?c=0&load%5B%5D=jquery-core,jquery-migrate&ver=4.9.8(Line 9)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api warning URL: https://maps.googleapis.com/maps-api-v3/api/js/34/15/util.js(Line 224)
Message:
Google Maps JavaScript API warning: NoApiKeys https://developers.google.com/maps/documentation/javascript/error-messages#no-api-keys
console-api warning URL: https://maps.googleapis.com/maps-api-v3/api/js/34/15/util.js(Line 224)
Message:
Google Maps JavaScript API warning: SensorNotRequired https://developers.google.com/maps/documentation/javascript/error-messages#sensor-not-required

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN